I highly doubt it since VNC doesn't use SSH keys.

Start with the basics. Copy and paste what commands you are using and
what output they are generating.

Please send replies to the VNC list.
This tells you nothing of the status of any firewalls on 10.3.1.194, though.
I assume this is after you have used SSH to connect to the gateway machine?
None of your examples use port forwarding, only a remote X tunnel from SSH.
Is there a firewall on your machine blocking connections, though. Another
troubleshooting step would be to use telnet to verify you can connect to
the machine:

$ telnet 10.3.1.194 5901

And see if you get a response.

Its just a Fedora/Gnome workstation. I haven't setup any firewalls. How
would I check this? I've seen this in the logs, maybe there's an x
session authorization issue?

Authentication Rejected, reason : None of the authentication protocols
specified are supported and host-based authentication failed.
connect to the gateway machine?

Yes
SSH.

I can invoke VNCauth on other systems from the SSH gateway, and I was
told that the tunneling was all I needed. The hardware is different, and
they may be running an older Fedora, so I guess the systems are too
different to compare.

I've seen had an example of a connection command with ports for
forwarding but can't find it. What command would work for my situation?



-----Original Message-----
From: vnc-list-***@realvnc.com [mailto:vnc-list-***@realvnc.com] On
Behalf Of William Hooper
Sent: Friday, August 11, 2006 11:10 AM
To: vnc-***@realvnc.com
Subject: RE: main: unable to connect to host: Connection timed out (110)

Please send replies to the VNC list.
This tells you nothing of the status of any firewalls on 10.3.1.194,
though.
I assume this is after you have used SSH to connect to the gateway
machine?
None of your examples use port forwarding, only a remote X tunnel from
SSH.
Is there a firewall on your machine blocking connections, though.
Another
troubleshooting step would be to use telnet to verify you can connect to
the machine:

$ telnet 10.3.1.194 5901

And see if you get a response.

PS, when I tested telnet port 5901 from the SSH gateway to the
workstation, it also timed out. I can ping and SSH though. How do I open
up port 5901?

-----Original Message-----
From: Robert Van Overmeiren
Sent: Friday, August 11, 2006 12:42 PM
To: 'VNC-***@realvnc.com'
Subject: RE: main: unable to connect to host: Connection timed out (110)
Its just a Fedora/Gnome workstation. I haven't setup any firewalls. How
would I check this? I've seen this in the logs, maybe there's an x
session authorization issue?

Authentication Rejected, reason : None of the authentication protocols
specified are supported and host-based authentication failed.
connect to the gateway machine?

Yes
SSH.

I can invoke VNCauth on other systems from the SSH gateway, and I was
told that the tunneling was all I needed. The hardware is different, and
they may be running an older Fedora, so I guess the systems are too
different to compare.

I've seen had an example of a connection command with ports for
forwarding but can't find it. What command would work for my situation?



-----Original Message-----
From: vnc-list-***@realvnc.com [mailto:vnc-list-***@realvnc.com] On
Behalf Of William Hooper
Sent: Friday, August 11, 2006 11:10 AM
To: vnc-***@realvnc.com
Subject: RE: main: unable to connect to host: Connection timed out (110)

Please send replies to the VNC list.
This tells you nothing of the status of any firewalls on 10.3.1.194,
though.
I assume this is after you have used SSH to connect to the gateway
machine?
None of your examples use port forwarding, only a remote X tunnel from
SSH.
Is there a firewall on your machine blocking connections, though.
Another
troubleshooting step would be to use telnet to verify you can connect to
the machine:

$ telnet 10.3.1.194 5901

And see if you get a response.

I connected!

Logged into SSH gateway:

$ ssh -X ***@merrimack

Binded ports:

$ ssh -f -N -C -T -l rvanovermeiren -L5902:localhost:5901 10.3.1.194

Then vncviewer:

$ vncviewer [-shared] localhost:2

How do I unbind the ports?

Does the binding persist until I do?

Now I have to try connecting remotely using Cygwin openssh on Windoz XP.


-----Original Message-----
From: vnc-list-***@realvnc.com [mailto:vnc-list-***@realvnc.com] On
Behalf Of Robert Van Overmeiren
Sent: Friday, August 11, 2006 12:46 PM
To: VNC-***@realvnc.com
Subject: RE: main: unable to connect to host: Connection timed out (110)

PS, when I tested telnet port 5901 from the SSH gateway to the
workstation, it also timed out. I can ping and SSH though. How do I open
up port 5901?

-----Original Message-----
From: Robert Van Overmeiren
Sent: Friday, August 11, 2006 12:42 PM
To: 'VNC-***@realvnc.com'
Subject: RE: main: unable to connect to host: Connection timed out (110)
Its just a Fedora/Gnome workstation. I haven't setup any firewalls. How
would I check this? I've seen this in the logs, maybe there's an x
session authorization issue?

Authentication Rejected, reason : None of the authentication protocols
specified are supported and host-based authentication failed.
connect to the gateway machine?

Yes
SSH.

I can invoke VNCauth on other systems from the SSH gateway, and I was
told that the tunneling was all I needed. The hardware is different, and
they may be running an older Fedora, so I guess the systems are too
different to compare.

I've seen had an example of a connection command with ports for
forwarding but can't find it. What command would work for my situation?



-----Original Message-----
From: vnc-list-***@realvnc.com [mailto:vnc-list-***@realvnc.com] On
Behalf Of William Hooper
Sent: Friday, August 11, 2006 11:10 AM
To: vnc-***@realvnc.com
Subject: RE: main: unable to connect to host: Connection timed out (110)

Please send replies to the VNC list.
This tells you nothing of the status of any firewalls on 10.3.1.194,
though.
I assume this is after you have used SSH to connect to the gateway
machine?
None of your examples use port forwarding, only a remote X tunnel from
SSH.
Is there a firewall on your machine blocking connections, though.
Another
troubleshooting step would be to use telnet to verify you can connect to
the machine:

$ telnet 10.3.1.194 5901

And see if you get a response.

The firewall is on by default. Did you disable it during installation?
/sbin/service iptables status
If you can connect to the VNC server fine from the local machine, but not
the network then it is a network issue.

[snip]
Which leads us to believe the problem is communication with that specific
machine.
You aren't tunneling.
If the issue is a local firewall, the only tunneling that would work would
be:

a) create a tunnel on the gateway to SSH on the problem machine
b) create a tunnel (via the first tunnel) to VNC on the problem machine

Unless you need the traffic from the gateway to the VNC machine encrypted,
it would be easier to fix this issue then just use one tunnel from the
gateway to the VNC server.

http://www.cl.cam.ac.uk/Research/DTG/attarchive/vnc/sshvnc.html

Firewall is not configured.
Yes, I thought so.
machine

That might be what I did with the SSH command in my other posting

ssh -f -N -C -T -l rvanovermeiren -L5902:localhost:5901 10.3.1.194
When I run the command again, it returns 'bind: Address already in use',
so I thought I was binding ports to addresses.
it works when connecting directly to the VNC server doesn't.

Yes, so my box doesn't allow external connections for telnet or VNC.
I can close my connection to the SSH gateway, but the tunneling
connection stays there, and I can re-VNC. I guess I need to get the proc
ID then kill it?

I executed 'iptables stop' and now the port is open.

Thx for setting me straight :)

-----Original Message-----
From: Robert Van Overmeiren
Sent: Friday, August 11, 2006 1:45 PM
To: 'VNC-***@realvnc.com'
Subject: RE: main: unable to connect to host: Connection timed out (110)
Firewall is not configured.